diff options
| -rw-r--r-- | todo.txt | 98 |
1 files changed, 34 insertions, 64 deletions
@@ -5,18 +5,8 @@ Next (things that will reduce admin time mainly) - "Can I help out" a bit invisible -Keep URL through funnel for Louise - Destroy request - does it remove the tags? -Richard says he wants the internationalisation to be so it could be one site -with combined search. Why obey the notion of a country? I'm not sure, but -it might be prudent to write it so it can run multiple jurisdictions in -one deploy, if only for administrative reasoins. - - path maybe: lib/juris/uk, lib/juris/eu etc. - - consider Single Table Inheritance (harder to back out of though) - - use mixins with explicit include otherwise - Add links to these tags where possible: ch:* - Bodies that appear on the Register of Companies. '*' is replaced by the company number, which is eight characters long and consists of optional upper-case letters followed by digits. coins:* Bodies appearing in COINS database followed by reference code e.g. coins:BRL048 (British Library) @@ -96,6 +86,19 @@ Things to make bots not crawl somehow: Renaming of a body, or changing its domain, should clear the cached bubbles of all requests to that body. +Change it to store emails as files in the filesystem? For speed of backup if nothing else. +Should have simpler system for us to upload files sent to us via CD etc. +Currently we have to manually put them in the files directory on the vhost. +Make it so web upload interface copes gracefully with arbitarily large messages +(it causes speed trouble having them in the database right now) +Maybe have flag saying "don't try to make snippet for this it is just too big". + +Compress the emails in the database, or on disk + +Keep cached columns in database in their own table, might give performance benefits + + + Letting you hide individual events (incoming/outgoing messages, annotations) ================================== @@ -149,6 +152,7 @@ The image in a "stream" section get corrupted: Needs a fancy PDF library (which doesn't exist yet) that can tell when it is binary or text stream within the file. See thread in email "corrupted pdf" for more details. Maybe have option in admin to turn off censoring on a particular file. +Maybe just do an MX check to see if it is really an email :) check-recent-requests-sent probably doesn't work, as exim log lines wouldn't be load in case where the envelope from gets broken? @@ -156,32 +160,6 @@ be load in case where the envelope from gets broken? Point all MX records to one server, so can see incoming messages in exim logs also. Hmmm, but less robust. Run the exim log grabber across all mail servers? -XXX Not sure all this matters really, requests seems to be getting through better these days? -Make request addresses easier to type in again, and routing work better: -* Put the request from address in the database, - XXX make sure it knows the type, as need fuzzy rule for matching/guessing according to type -then change the rule for making it. -* Change holding pen to lookup hash e.g. 1bd8ea of the request address in database - (so gives good guess it the hash is right, but the number is wrong) -* Use maybe words for generated email address? Name of the person and a request -number (i.e. number of that persons request, so there are few numbers)? -julian.todd@section44.whatdotheyknow.com -* Use words from a dictionary, e.g. cat, mouse, rat, hat etc. -* Use single words from the request, e.g. section, terrorism, allotment -* Make sure avoid FROM_ENDS_IN_NUMS rule in Spam Assassin -* It looks like an error generated by GFI MailEssentials, see p62 of chapter - 11 of the manual at http://www.gfi.com/mes/me11manual.pdf which states: - 7. Check if emails contain more than X numbers in the MIME from: - Frequently, more than 3 numbers in the MIME from means that the sender is a - spammer. The reason for this is that spammers often use tools to - automatically create reply-to: addresses on hotmail and other free email - services. Frequently they use 3 or more numbers in the name to make sure - the reply-to: is unique. -* Use FOI code allocated by authority to work out where emails are to go -* Second request to same authority by same person - tell them to be sure -to use the right email -* Improve routing from Exim so copes with addresses not having request- prefix. - When on a small screen, the actual form when making a new request is below the fold, and it isn't obvious what you need to do. (Seen while watching a new user try to make a request) @@ -200,6 +178,7 @@ substantively different (modulo Re: and Fwd:) from the title and other subjects For Scotland, don't need to say "normally" equivocally when it is taking more than 20 days (as there is no public interest test). +Arguably, and to simplify things with Alaveteli, we should just be campaigning about this whole public interest test thing anyway, and not pussy foot about it. Not sure what form of wording to use that does that that is true though. Add explicit option for user to select "misdelivered to the wrong request" and let people move them to the right place. @@ -226,13 +205,16 @@ as well. Let requesters view the uncensored versions of their correspondence (e.g. with emails in it). Let other people do so with a CAPTCHA? +Perhaps easy thing to do is just to do it for email addresses (and not the request email address) For followups, have radio button to say is it a new request or followup Do by uncommenting the "new information" option when writing a followup, so that it makes a new request -When it prompts error_message people to send annotation, maybe just show them -the email address of the error to check then and there? +When a user says that a response is an error message, it prompts them to say +what the problem is to administrators. It could at that time show them the +email of the authority that their request was sent to for them to check +then and there, and tell the administrators. If you've already conducted an internal review, at all places - when on unhappy/url @@ -242,13 +224,12 @@ don't offer it again, as they've already done it. Example of completed review: http://www.whatdotheyknow.com/request/request_for_full_disclosure_of_b#incoming-9267 -Don't allow sending internal review text twice (although make sure they +Don't allow sending internal review boiler plate text twice (although make sure they can write followups to internal review) e.g. http://www.whatdotheyknow.com/request/reply_to_letter_from_historic_ro Clock for internal review - The Information Commissioner has issued a "Good Practice Guidance" document: - http://www.ico.gov.uk/upload/documents/library/freedom_of_information/detailed_specialist_guides/foi_good_practice_guidance_5.pdf + The Information Commissioner has issued a "Good Practice Guidance" document: http://www.ico.gov.uk/upload/documents/library/freedom_of_information/detailed_specialist_guides/foi_good_practice_guidance_5.pdf 20 days is late 40 days max. Fix up the text: "The internal review should take 2-3 weeks for simple cases, @@ -299,28 +280,11 @@ Show similar requests after you have filed yours - maybe on preview too. Test code for rendering lots of different attachments and filetypes Test code for internal review submitting -Protect from CSRF with this in app controller (care it doesn't break anything): - # See ActionController::RequestForgeryProtection for details - # Uncomment the :secret if you're not using the cookie session store - protect_from_forgery # :secret => '<%= app_secret %>' - Look at quote_address_if_necessary in actionmailer's quoting.rb - why did it not work for the email address with "@" in its name part? -Should group by the request id for search queries (so all appear -together when request and response mention same term) - Something to check which tags are used but aren't in PublicBody category lists -Change it to store emails as files in the filesystem? For speed of backup if nothing else. -Should have simpler system for us to upload files sent to us via CD etc. -Currently we have to manually put them in the files directory on the vhost. -Make it so web upload interface copes gracefully with arbitarily large messages -(it causes speed trouble having them in the database right now) - -Compress the emails in the database -Don't store the cached text in backups - maybe keep it in its own table to avoid that? - Other references to title field changes don't get search index updated when title is altered (e.g. when a public body is renamed) Maybe just reindex all once a week, but it is a bit slow now, so perhaps do it properly. @@ -335,6 +299,8 @@ Never updates cached attachment text unless cache is explicitly cleared (which might matter with software updates, or code changes). Should we clear the cache automatically every month in the middle of the night or something? $ ./script/clear-caches +Alternative - embed some identifier in the code and the cache directory, and +detect it changes and automatically clear the cache. Display and indexing of response emails/attachments @@ -484,7 +450,8 @@ Lisa asked for this - is definitely only whole requests needed. Tony says anyone should be able to edit the tags, but requester should have last say (so can prevent a tag being added that they removed). -Read reply - ask for exchange read receipts, and show if mail was read. +Read reply - ask for Microsoft Exchange "read receipts", and show if mail was read. +Or maybe use a webbug. Telephone numbers. Add advice in workflow to call authority first to check form they have info in. Store telephone numbers in database. @@ -507,8 +474,6 @@ their email address (perhaps just have admins validate / approve it) Detect councils that always send automatic acknowledgements, and notice if they do not for a particular request? (e.g. Leicestershire County Council) -Interface for when you change your email address - easier to do now with post_redirect.circumstance? - Add tips on using the law, e.g.: - You can go up and down between local and national - ask local places what their policy is, and hwo they are implementing it. Ask national things what @@ -518,7 +483,7 @@ Add note by any exemption to the page on FOI Wiki Add note on mention of "Re-Use of Public Sector Information Regulations 2005" to the appropriate FAQ. -Hyperlink Section 1(3) to the act +Hyperlink Section 1(3) to the act (or have an automatic tip appear) http://www.whatdotheyknow.com/request/university_investment_in_the_arm#incoming-86 and to guidance notes http://www.ico.gov.uk/what_we_cover/freedom_of_information/guidance.aspx @@ -540,7 +505,13 @@ Make text boxes autogrow as you type into them. (10:32:52) Matthew: their function is called autogrow_textarea() by the way, if you just want to look at it... thanks :) I won't do it now as there are more important things, I was just accidentally impressed -Editable user profile, including photo upload +"Why not fill in your profile?" not that many people fill in their profile, we could have special +advert (on page when they are on site) trying to force them to (maybe only if active). Give +points for doing this. +Also could offer option of Gravatar during signup, or later (as explicit option, so not leaking private info) + +Scoreboards and gamification. Put all admin functions in the main site, and let anyone get +power to do them by accumulating points doing other useful things. There's lots of stuff! .tif files are hard for people to view as multi page, consider automatically separating out the pages as separate links (to .png files or whatever) @@ -577,5 +548,4 @@ EU regulation 1049/2001 requests US requests (with Sunlight) OCR all images automatically, even if badly (check for tiffs!) -Maybe use Scrbd's free service :) http://www.scribd.com/paper |